package com.academic.system.controller;

import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.academic.system.model.User;
import com.academic.system.security.UserDetailsImpl;

import javax.servlet.http.HttpSession;
import java.util.HashMap;
import java.util.Map;

/**
 * 测试控制器
 */
@RestController
@RequestMapping("/api/test")
@CrossOrigin(origins = "*", maxAge = 3600)
public class TestController {
    
    /**
     * 简单的ping测试
     */
    @GetMapping("/ping")
    public ResponseEntity<?> ping() {
        Map<String, Object> response = new HashMap<>();
        response.put("message", "pong");
        response.put("timestamp", System.currentTimeMillis());
        return ResponseEntity.ok(response);
    }
    
    /**
     * 测试认证状态
     */
    @GetMapping("/auth-status")
    public ResponseEntity<?> getAuthStatus(HttpSession session) {
        Map<String, Object> response = new HashMap<>();
        
        // 检查Spring Security认证
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        response.put("hasAuthentication", authentication != null);
        response.put("isAuthenticated", authentication != null && authentication.isAuthenticated());
        response.put("principal", authentication != null ? authentication.getPrincipal().getClass().getSimpleName() : "null");
        
        if (authentication != null && authentication.isAuthenticated() && 
            authentication.getPrincipal() instanceof UserDetailsImpl) {
            UserDetailsImpl userDetails = (UserDetailsImpl) authentication.getPrincipal();
            response.put("userId", userDetails.getId());
            response.put("username", userDetails.getUsername());
            response.put("role", userDetails.getRole());
        }
        
        // 检查Session中的用户信息
        User currentUser = (User) session.getAttribute("currentUser");
        response.put("hasCurrentUser", currentUser != null);
        if (currentUser != null) {
            response.put("currentUserId", currentUser.getId());
            response.put("currentUsername", currentUser.getUsername());
            response.put("currentUserRole", currentUser.getRole());
        }
        
        // Session信息
        response.put("sessionId", session.getId());
        response.put("sessionNew", session.isNew());
        response.put("sessionMaxInactiveInterval", session.getMaxInactiveInterval());
        
        return ResponseEntity.ok(response);
    }
    
    /**
     * 测试教师权限
     */
    @GetMapping("/teacher-role")
    @PreAuthorize("hasRole('TEACHER')")
    public ResponseEntity<?> testTeacherRole() {
        Map<String, Object> response = new HashMap<>();
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        UserDetailsImpl userDetails = (UserDetailsImpl) authentication.getPrincipal();
        
        response.put("message", "教师权限测试成功");
        response.put("username", userDetails.getUsername());
        response.put("role", userDetails.getRole());
        response.put("authorities", authentication.getAuthorities().toString());
        
        return ResponseEntity.ok(response);
    }
} 